From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tobias Geerinckx-Rice Subject: bug#36614: rust@1.36's hash is incorrect. Date: Fri, 12 Jul 2019 15:16:20 +0200 Message-ID: <87pnmf2y1n.fsf@nckx> References: <8736jby4go.fsf@gmx.com> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:50732) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hlvQB-0000lF-An for bug-guix@gnu.org; Fri, 12 Jul 2019 09:17:10 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hlvQ8-00034M-08 for bug-guix@gnu.org; Fri, 12 Jul 2019 09:17:07 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:58792) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hlvQ7-00033Z-SX for bug-guix@gnu.org; Fri, 12 Jul 2019 09:17:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1hlvQ5-0005r3-NO for bug-guix@gnu.org; Fri, 12 Jul 2019 09:17:03 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-reply-to: <8736jby4go.fsf@gmx.com> List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: 36614-done@debbugs.gnu.org Cc: Ivan Petkov --=-=-= Content-Type: text/plain; format=flowed Pierre, Ivan, Pierre Langlois wrote: > From > https://static.rust-lang.org/dist/rustc-1.36.0-src.tar.gz... > downloading from > https://static.rust-lang.org/dist/rustc-1.36.0-src.tar.gz... > rustc-1.36.0-src.tar.gz 147.5MiB > 1.6MiB/s 01:35 [##################] 100.0% > sha256 hash mismatch for > /gnu/store/jm9xvf6qy4zxkb7rkmpz8ygf55l8v8v5-rustc-1.36.0-src.tar.gz: > expected hash: > 18r688ih4xi9m8gv55g1amb8inrwkdxp5fbcqb6i4gqxi90l3i0m > actual hash: > 06xv2p6zq03lidr0yaf029ii8wnjjqa894nkmrm6s0rx47by9i04 I get that too. > Hopefully it's not unstable :-/. Since release archives are signed that would imply some horrible things about their key management, so I doubt it very much. I guess we'll find out. I've gone ahead and pushed a fix since the signature checked out. I'm closing this bug for now... However, I'd be interested to know what the previous hash described. Do you still have that file around, Ivan? Thanks, T G-R --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQT12iAyS4c9C3o4dnINsP+IT1VteQUCXSiIJQAKCRANsP+IT1Vt eUmBAQDwjDsgA7PRQN70d8DlWSPTcOSIfOTlD6GG8GCrU3u+UAD+OtelZpz5Ho8k z67V8wclwbHIOhKjfLHE1QwKfb1XqAE= =wSV5 -----END PGP SIGNATURE----- --=-=-=--